Building CRUD apps with Perch Runway

  • I've recently released Pipit Members v1.1.0 which makes it easier to allow members (registered with the first-party Perch Members app) create/edit/delete collection items via Perch-templated forms:




    This essentially makes it easier to build CRUD apps with Perch Runway without having to write your own custom Perch apps. You would use:


    I'm posting here to open a dialog with other developers. So feel free to share your thoughts, request features that would make it even easier for you or ask questions.

  • If I have a Collection of member biographies (with different field types like text and image), does this mean that a member or admin user would be able to edit these?


    Yes! Someone who's registered as a member via the Perch Member app would be able to edit this.




    A member should be able to edit their own biography not others. Is that possible?

    Assuming the collection items are linked to the relevant members (e.g. by relating them using the Members field type), you can only display the edit form to the relevant member.


    In a member-only page, you can filter by the member ID:



    And you can expand this to a list/detail pattern where the member is allowed to create/edit multiple items (e.g. a ticketing system):



    So you are controlling what items a member edits.


    The one thing this lacks right now is stricter checks at the form handler level. While the form is CSRF protected, a malicious user technically can edit the values of the hidden _id and member fields on the form.


    Normally you'd check the logged in member submitting the form is the same member linked to the item. The reason I have not implemented this check in Pipit Members yet is I find the identifying link to the collection item is not necessarily the member ID. So I'm working on implementing a way to allow you (the developer) to define this check.

  • I've added Pipit Members folder to perch/addons/apps and edited my apps.php file but I'm getting this error:


    PHP Fatal error: Cannot declare class PipitMembers, because the name is already in use in /perch/addons/apps/pipit_members/lib/PipitMembers.class.php on line 3


    ... which means I cannot see Perch admin. If I delete the Pipit Members folder, I can get back into Perch admin.


    Have I done something wrong here?